32d2923fcb7bb069c6d3a999692b8e76_JaffaCakes118 | Triage

Sharing

General

Target

32d2923fcb7bb069c6d3a999692b8e76_JaffaCakes118
Size

457KB
MD5

32d2923fcb7bb069c6d3a999692b8e76
SHA1

e12ae18d9ebcf5e16ec66fdf3297d120435d2152
SHA256

c81f2d3d44f1568d4ccb4824c10d7e34425c985d00b07c5c743e54ff8ae6bacd
SHA512

b402f8013e33a46d644cf1f8bb8c021defdbaf018d64448d70a3466c9839a5cd040dc88e7e93a8a0f5baf5b6d421c01d3441078df3d6128e7276d95bb01ff01b
SSDEEP

6144:EAymX7mtdymX7PT2qKQOAFZ+hHh79u5fJx9AHoJw4/5:EAWd0q4yWm5xqQ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32d2923fcb7bb069c6d3a999692b8e76_JaffaCakes118

Files

32d2923fcb7bb069c6d3a999692b8e76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Frank\Code\Plus49\obj\Debug\Plus49.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ